pkg:Debian/libraw

75 total CVEsCRITICAL19HIGH24MEDIUM26

✅ Check your installed version

All known vulnerabilities

CRITICAL9.8CVE-2026-24660A heap-based buffer overflow vulnerability exists in the x3f_load_huffman functionality of LibRaw Commit d20315b.
from 0
CRITICAL9.8CVE-2026-24450An integer overflow vulnerability exists in the uncompressed_fp_dng_load_raw functionality of LibRaw Commit 8dc68e2.
from 0
CRITICAL9.8CVE-2026-21413A heap-based buffer overflow vulnerability exists in the lossless_jpeg_load_raw functionality of LibRaw Commit 0b56545 and Commit d20315b.
from 0
CRITICAL9.8CVE-2026-20911A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b.
from 0
CRITICAL9.8CVE-2026-20889A heap-based buffer overflow vulnerability exists in the x3f_thumb_loader functionality of LibRaw Commit d20315b.
from 0
CRITICAL9.8CVE-2026-20884An integer overflow vulnerability exists in the deflate_dng_load_raw functionality of LibRaw Commit 8dc68e2.
from 0
CRITICAL9.8CVE-2025-43964In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values.
from 0, < 0.20.2-1+deb11u2
CRITICAL9.8CVE-2015-8367The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbitrary code, related…
from 0, < 0.17.1-1
CRITICAL9.8CVE-2015-8366Array index error in smal_decode_segment function in LibRaw before 0.17.1 allows context-dependent attackers to cause memory errors and pos…
from 0, < 0.17.1-1
CRITICAL9.8CVE-2017-14265A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3.
from 0, < 0.18.5-1
CRITICAL9.8CVE-2017-6886libraw - security update
from 0, < 0.16.0-9+deb8u3
CRITICAL9.8CVE-2017-6886libraw - security update
from 0, < 0.14.6-2+deb7u2
CRITICAL9.8CVE-2017-6886libraw - security update
from 0, < 0.18.2-2
CRITICAL9.1CVE-2025-43963In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values…
from 0, < 0.20.2-1+deb11u2
CRITICAL9.1CVE-2025-43962In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large…
from 0, < 0.20.2-1+deb11u2
CRITICAL9.1CVE-2025-43961libraw - security update
from 0, < 0.20.2-1+deb11u2
CRITICAL9.1CVE-2025-43961libraw - security update
from 0, < 0.20.2-1+deb11u2
CRITICAL9.1CVE-2017-14608libraw - security update
from 0, < 0.14.6-2+deb7u3
CRITICAL9.1CVE-2017-14608libraw - security update
from 0, < 0.18.5-1
HIGH8.8CVE-2020-24870Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.
from 0, < 0.20.2-1
HIGH8.8CVE-2018-20337There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1.
from 0, < 0.19.2-1
HIGH8.8CVE-2018-5810An error within the "rollei_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a…
from 0, < 0.18.11-1
HIGH8.8CVE-2018-5809An error within the "LibRaw::parse_exif()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to caus…
from 0, < 0.18.11-1
HIGH8.8CVE-2018-5808An error within the "find_green()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stac…
from 0, < 0.18.11-1
HIGH8.8CVE-2018-5807An error within the "samsung_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause…
from 0, < 0.18.11-1
HIGH8.8CVE-2018-5805A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be explo…
from 0, < 0.18.8-1
HIGH8.8CVE-2018-5802An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to…
from 0, < 0.18.7-1
HIGH8.8CVE-2017-16909An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to c…
from 0, < 0.18.6-1
HIGH8.8CVE-2018-10529An issue was discovered in LibRaw 0.18.9.
from 0, < 0.18.11-1
HIGH8.8CVE-2018-10528An issue was discovered in LibRaw 0.18.9.
from 0, < 0.18.11-1
HIGH8.8CVE-2017-14348LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file.
from 0, < 0.18.5-1
HIGH7.8CVE-2021-32142libraw - security update
from 0, < 0.19.2-2+deb10u3
HIGH7.8CVE-2021-32142libraw - security update
from 0, < 0.20.2-1+deb11u1
HIGH7.8CVE-2021-32142libraw - security update
from 0, < 0.20.2-1+deb11u1
HIGH7.8CVE-2020-24889A buffer overflow vulnerability in LibRaw version < 20.0 LibRaw::GetNormalizedModel in src/metadata/normalize_model.cpp may lead to context…
from 0, < 0.20.2-1
HIGH7.8CVE-2017-6887A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to ca…
from 0, < 0.18.2-2
HIGH7.5CVE-2020-15503libraw - security update
from 0, < 0.19.2-2+deb10u2
HIGH7.5CVE-2020-15503libraw - security update
from 0, < 0.20.0-4
HIGH7.5CVE-2018-5819An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to exha…
from 0, < 0.19.1-1
HIGH7.5CVE-2018-5818An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to trigge…
from 0, < 0.19.1-1
HIGH7.5CVE-2018-5817A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be…
from 0, < 0.19.1-1
HIGH7.5CVE-2017-13735libraw - security update
from 0, < 0.18.5-1
HIGH7.5CVE-2017-13735libraw - security update
from 0, < 0.17.2-6+deb9u2
MEDIUM6.5CVE-2020-22628libraw - security update
from 0, < 0.20.0-4
MEDIUM6.5CVE-2020-22628libraw - security update
from 0, < 0.19.2-2+deb10u4
MEDIUM6.5CVE-2023-1729A flaw was found in LibRaw.
from 0, < 0.20.2-1+deb11u1
MEDIUM6.5CVE-2018-20365LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow.
from 0, < 0.19.2-2
MEDIUM6.5CVE-2018-20364LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.
from 0, < 0.19.2-2
MEDIUM6.5CVE-2018-20363LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.
from 0, < 0.19.2-2
MEDIUM6.5CVE-2018-5816An integer overflow error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited…
from 0, < 0.18.13-1
MEDIUM6.5CVE-2018-5815An integer overflow error within the "parse_qt()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited…
from 0, < 0.18.13-1
MEDIUM6.5CVE-2018-5813An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite…
from 0, < 0.18.11-1
MEDIUM6.5CVE-2018-5812An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to…
from 0, < 0.18.11-1
MEDIUM6.5CVE-2018-5811An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to…
from 0, < 0.18.11-1
MEDIUM6.5CVE-2018-5806An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigg…
from 0, < 0.18.8-1
MEDIUM6.5CVE-2018-5804A type confusion error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to…
from 0, < 0.18.8-1
MEDIUM6.5CVE-2018-5801An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL…
from 0, < 0.18.7-1
MEDIUM6.5CVE-2018-5800libraw - security update
from 0, < 0.18.7-1
MEDIUM6.5CVE-2018-5800libraw - security update
from 0, < 0.16.0-9+deb8u4
MEDIUM6.5CVE-2017-16910An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited…
from 0, < 0.18.6-1
MEDIUM5.5CVE-2020-35535In LibRaw, there is an out-of-bounds read vulnerability within the "LibRaw::parseSonySRF()" function (libraw\src\metadata\sony.cpp) when pr…
from 0, < 0.20.0-4
MEDIUM5.5CVE-2020-35534In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when process…
from 0, < 0.20.0-4
MEDIUM5.5CVE-2020-35533In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when r…
from 0, < 0.20.0-4
MEDIUM5.5CVE-2020-35532In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) whic…
from 0, < 0.20.0-4
MEDIUM5.5CVE-2020-35531In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when re…
from 0, < 0.20.0-4
MEDIUM5.5CVE-2020-35530libraw - security update
from 0, < 0.20.0-4
MEDIUM5.5CVE-2020-35530libraw - security update
from 0, < 0.19.2-2+deb10u1
MEDIUM5.5CVE-2020-24890libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent…
from 0
MEDIUM4.3CVE-2026-5318A weakness has been identified in LibRaw up to 0.22.0.
from 0
—CVE-2026-5342A flaw has been found in LibRaw up to 0.22.0.
from 0
—CVE-2015-3885freeimage - security update
from 0, < 0.9.1-1+deb6u1
—CVE-2015-3885freeimage - security update
from 0, < 0.16.2-1
—CVE-2013-1438exactimage - denial of service
from 0, < 0.15.4-1
—CVE-2013-1439The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers to cause a denial of servi…
from 0, < 0.15.4-1
—CVE-2013-2126Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attac…
from 0, < 0.15.3-1